A company recently outsourced its night-shift cleaning service. A technician is concerned about having unsupervised contractors in the building. Which of the following security measures can be used to prevent the computers from being accessed? (Choose two.)
A. Implementing data-at-rest encryption
B. Disabling AutoRun
C. Restricting user permissions
D. Restricting log-in times
E. Enabling a screen lock
F. Disabling local administrator accounts
Correct Answer: CF
While the other options (A, B, D, and E) are important security measures in general, they may not directly address the concern of contractors accessing the computers during their cleaning duties. Data-at-rest encryption, disabling AutoRun, restricting log-in times, and enabling a screen lock are more focused on protecting data and controlling system behavior but may not specifically prevent unsupervised access to computers by contractors.
Question 232:
A user requested that the file permissions on a Linux device be changed to only allow access to a certain group of users. Which of the following commands should be used to complete the user's request?
A. cat
B. chmod
C. pwd
D. cacls
Correct Answer: B
Question 233:
A user installed a new computer game. Upon starting the game, the user notices the frame rates are low. Which of the following should the user upgrade to resolve the issue?
A. Hard drive
B. Graphics card
C. Random-access memory
D. Monitor
Correct Answer: B
Question 234:
Which of the following involves sending arbitrary characters in a web page request?
A. SMS
B. SSL
C. XSS
D. VPN
Correct Answer: C
XSS (Cross-Site Scripting) involves sending arbitrary characters in a web page request. XSS is a security vulnerability that allows an attacker to inject malicious scripts into a web page viewed by other users. These scripts can be used to steal information or perform other malicious actions when a user interacts with the compromised web page. It's a common attack vector used to send arbitrary characters and execute code within a web page context.
Question 235:
A user is trying to use proprietary software, but it crashes intermittently. The user notices that the desktop is displaying a "low memory" warning message. Upon restarting the desktop, the issue persists. Which of the following should a technician do next to troubleshoot the issue?
A. Reimage the computer.
B. Replace the system RAM.
C. Reinstall and update the failing software.
D. Decrease the page file size.
Correct Answer: C
The troubleshooting steps should start with re-install and update, software can have memory leaks or other issues that cause it to use more memory than it should, leading to low memory warnings
Question 236:
A technician is setting up a new laptop. The company's security policy states that users cannot install virtual machines.
Which of the following should the technician implement to prevent users from enabling virtual technology on their laptops?
A. UEFI password
B. Secure boot
C. Account lockout
D. Restricted user permissions
Correct Answer: B
A technician setting up a new laptop must ensure that users cannot install virtual machines as the company's security policy states One way to prevent users from enabling virtual technology is by implementing Secure Boot. Secure Boot is a feature of UEFI firmware that ensures the system only boots using firmware that is trusted by the manufacturer. It verifies the signature of all bootloaders, operating systems, and drivers before running them, preventing any unauthorized modifications to the boot process. This will help prevent users from installing virtual machines on the laptop without authorization.
Question 237:
A user contacts a technician about an issue with a laptop. The user states applications open without being launched and the browser redirects when trying to go to certain websites. Which of the following is MOST likely the cause of the user's issue?
A. Keylogger
B. Cryptominers
C. Virus
D. Malware
Correct Answer: D
The most likely cause of the user's issue of applications opening without being launched and browser redirects when trying to go to certain websites is malware. Malware is a general term that refers to any software or code that is malicious or harmful to a computer or system. Malware can perform various unwanted or unauthorized actions on a computer or system, such as opening applications, redirecting browsers, displaying ads, stealing data, encrypting files or damaging hardware. Malware can infect a computer or system through various means, such as email attachments, web downloads, removable media or network connections. Keylogger is a type of malware that records and transmits the keystrokes made by a user on a keyboard. Keylogger can be used to steal personal or sensitive information, such as passwords, credit card numbers or chat messages. Keylogger does not typically open applications or redirect browsers but only captures user inputs. Cryptominers are a type of malware that use the computing resources of a computer or system to mine cryptocurrency, such as Bitcoin or Ethereum. Cryptominers can degrade the performance and increase the power consumption of a computer or system. Cryptominers do not typically open applications or redirect browsers but only consume CPU or GPU cycles. Virus is a type of malware that infects and replicates itself on other files or programs on a computer or system.
Question 238:
An administrator has received approval for a change request for an upcoming server deployment. Which of the following steps should be completed NEXT?
A. Perform a risk analysis.
B. Implement the deployment.
C. Verify end user acceptance
D. Document the lessons learned.
Correct Answer: A
Before making any changes to the system, it is important to assess the risks associated with the change and determine whether it is worth implementing. Risk analysis involves identifying potential risks, assessing their likelihood and impact, and determining what steps can be taken to mitigate them. It is important to perform this step before making any changes, as this allows the administrator to make an informed decision about whether or not the change should be implemented. Once the risks have been assessed and the administrator has decided to go ahead with the change, the next step is to implement the deployment.
Question 239:
A network technician installed a SOHO router for a home office user. The user has read reports about home routers being targeted by malicious actors and then used in DDoS attacks.
Which of the following can the technician MOST likely do to defend against this threat?
A. Add network content filtering.
B. Disable the SSID broadcast.
C. Configure port forwarding.
D. Change the default credentials.
Correct Answer: D
One of the most effective ways to defend against malicious actors targeting home routers for DDoS attacks is to change the default credentials of the router. The default credentials are often well-known or easily guessed by attackers, who can then access and compromise the router settings and firmware. By changing the default credentials to strong and unique ones, a technician can prevent unauthorized access and configuration changes to the router. Adding network content filtering may help block some malicious or unwanted websites but may not prevent attackers from exploiting router vulnerabilities or backdoors. Disabling the SSID broadcast may help reduce the visibility of the wireless network but may not prevent attackers from scanning or detecting it. Configuring port forwarding may help direct incoming traffic to specific devices or services but may not prevent attackers from sending malicious packets or requests to the router. References: CompTIA A+ Core 2 (220-1002) Certification Exam Objectives Version 4.0, Domain 3.3
Question 240:
Sensitive data was leaked from a user's smartphone. A technician discovered an unapproved application was installed, and the user has full access to the device's command shell.
Which of the following is the NEXT step the technician should take to find the cause of the leaked data?
A. Restore the device to factory settings.
B. Uninstall the unapproved application.
C. Disable the ability to install applications from unknown sources.
D. Ensure the device is connected to the corporate WiFi network.
Correct Answer: B
The technician should disable the user's access to the device's command shell. This will prevent the user from accessing sensitive data and will help to prevent further data leaks. The technician should then investigate the unapproved application to determine if it is the cause of the data leak. If the application is found to be the cause of the leak, the technician should uninstall the application and restore the device to factory settings. If the application is not the cause of the leak, the technician should investigate further to determine the cause of the leak. Disabling the ability to install applications from unknown sources can help to prevent future data leaks, but it is not the next step the technician should take in this scenario. Ensuring the device is connected to the corporate WiFi network is not relevant to this scenario
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 220-1102 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.